func startServer(db *bolt.DB) {
port := os.Getenv("QUIMBY_PORT")
if port == "" {
log.Fatal("you must specify a port with QUIMBY_PORT")
}
domain := os.Getenv("QUIMBY_DOMAIN")
if domain == "" {
log.Fatal("you must specify a domain with QUIMBY_DOMAIN")
}
internalPort := os.Getenv("QUIMBY_INTERNAL_PORT")
if port == "" {
log.Fatal("you must specify a port with QUIMBY_INTERNAL_PORT")
}
var lg *log.Logger
if os.Getenv("QUIMBY_NULLLOG") != "" {
lg = log.New(ioutil.Discard, "quimby ", log.Ltime)
} else {
lg = log.New(os.Stdout, "quimby ", log.Ltime)
}
clients := quimby.NewClientHolder()
tfa := quimby.NewTFA(domain)
start(db, port, internalPort, "/", "/api", lg, clients, tfa)
}
func AddUser(u *quimby.User) {
fmt.Println("adding a user", u)
var f passworder
var issuer string
if u.Username == "" {
fmt.Print("username: "******"%s\n", &u.Username)
fmt.Print("domain: ")
if os.Getenv("QUIMBY_DOMAIN") == "" {
fmt.Scanf("%s\n", &issuer)
if len(issuer) == 0 {
log.Fatal("you must supply the domain quimby is being served under")
}
} else {
issuer = os.Getenv("QUIMBY_DOMAIN")
}
fmt.Print("permission:\n 1: read\n 2: write\n 3: admin\n 4: system\n")
var x int
fmt.Scanf("%d\n", &x)
if x == 4 {
f = genPasswd
} else {
f = getPasswd
}
perm, ok := permissions[x]
if !ok {
log.Fatal("select 1, 2, 3, or 4")
}
u.Permission = perm
f(u)
}
tfa := quimby.NewTFA(issuer)
u.SetTFA(tfa)
qr, err := u.Save()
if err != nil {
log.Fatal(err)
}
tmp, err := ioutil.TempFile("", "")
if err != nil {
log.Fatal(err)
}
if _, err := tmp.Write(qr); err != nil {
log.Fatal(err)
}
tmp.Close()
fmt.Printf("you must scan the qr at %s with google authenticator before you can log in\n", tmp.Name())
}
func EditUser(db *bolt.DB) {
users, err := quimby.GetUsers(db)
if err != nil {
log.Fatal(err)
}
fmt.Println("select a user")
listUsers(users)
var i int
fmt.Scanf("%d\n", &i)
u := users[i-1]
var d string
fmt.Printf("Delete user %s? (y/N)\n ", u.Username)
fmt.Scanf("%s\n", &d)
if d == "y" {
u.Delete()
return
}
var p int
fmt.Printf("permission (%s):\n 1: read\n 2: write\n 3: admin\n ", u.Permission)
fmt.Scanf("%d\n", &p)
perm, ok := permissions[p]
if ok {
u.Permission = perm
}
var c string
fmt.Print("change tfa? (y/N) ")
fmt.Scanf("%s\n", &c)
if c == "y" || c == "Y" {
if os.Getenv("QUIMBY_DOMAIN") == "" {
log.Fatal("you must set QUIMBY_DOMAIN")
}
tfa := quimby.NewTFA(os.Getenv("QUIMBY_DOMAIN"))
if err := u.Fetch(); err != nil {
log.Fatal(err)
}
u.SetTFA(tfa)
qr, err := u.UpdateTFA()
if err != nil {
log.Fatal(err)
}
tmp, err := ioutil.TempFile("", "")
if err != nil {
log.Fatal(err)
}
if _, err := tmp.Write(qr); err != nil {
log.Fatal(err)
}
tmp.Close()
fmt.Printf("you must scan the qr at %s with google authenticator before you can log in\n", tmp.Name())
}
c = ""
fmt.Print("change password? (y/N) ")
fmt.Scanf("%s\n", &c)
if c == "y" || c == "Y" {
getPasswd(&u)
}
log.Println(u.Save())
}